Typos:
SecPmCj wrote:Cipher suites that were considered safe in the past but are no longer strong enough or they PFS.
They -lack- PFS ?
For the sake of readability, favor the full form instead of just relying on acronyms i.e.: "Cipher suites that were considered safe in the past but are no longer strong enough or they lack Perfect Forward Secrecy (PFS)"
SecPmCj wrote: For legacy purposes (...)
Extra space before "For" ^
SecPmCj wrote:PolyChacha
There's no such thing; probably a typo/leftover from a draft.
SecPmCj wrote:ChaCha20-Poly1305 PolyChacha ciphers are supported by Windows and can be enabled in scenarios where customers control the OS.
This document is about the supported version of TLS and associated cipher suite across Azure services, at the fabric level. This comment is simply off-topic/unrelated.
For completeness sake, Microsoft should strive to support ChaCha20-Poly1305 across any and all services that support TLS 1.3 (such as API Management).
On a side note:
- You have an exact empty <h4> under "FAQ" (wasted space)
- The cipher suite list is misformatted
- The cipher suite list should mention that TLS_AES_256_GCM_SHA384 and TLS_AES_128_GCM_SHA256 belong to TLS1.3 (exclusively) while the rest of the list belongs to TLS1.2
Thank you
cc SecPmCj , joprew